On Sat, 2006-11-11 at 22:23 -0500, Gene Heskett wrote: > On Saturday 11 November 2006 19:48, Craig White wrote: > >On Sat, 2006-11-11 at 19:30 -0500, Gene Heskett wrote: > >> Greetings; > >> > >> My logs now contain megabytes of selinux spew. I've disabled it for > >> the time being, and have forgotten how one goes about having it > >> regenerate its 'this is ok' list, can someone refresh me on that? > >> > >> Also, I'm getting quite a few mystery emails a day that have virtually > >> no header at all, and contain just one line: > >> > >> Learned tokens from 0 message(s) (13 message(s) examined) > >> > >> Is this something that spamassassin is doing by default now? If so, > >> can it be shut off? > >> > >> I'm also using fetchmail -> procmail as the mail sucking agent. I > >> brought those configs over from the FC2 install, where this didn't > >> occur that I'm aware of. > > > >---- > >http://fedoraproject.org/wiki/SELinux > > > >If your interest in understanding SELinux is merely to silence it, then > >just shut it off and leave it off. > > > Thats not what I intend other than as a short term solution until I can > get it trained. ---- yeah but this is sort of a problem. Once you disable selinux, you will have to relabel your entire filesystem if you want to enable it again in the future...that can take some time ;-) ---- > > >I'm not sure if this will help you but it might (i.e. leave selinux in > >permissive state)...if you install the 'audit' package, I believe that > >it diverts the 'spew' as you call it from syslog > >to /var/log/audit/audit.log > > And does logrotate currently handle that, or do I need to run that down > and add it? ---- It does on RHEL 4 - I don't know about FC-6 but I would think so ---- > > Totally OT here, I just discovered I didn't setup a /dos partition, > formatted vfat. Unforch, I doubt if LVM2 can handle that, but I'd like > to confirm I made a booboo there. Did I? ---- I don't know ---- > This also doesn't address the strange email I mentioned. ---- that sounded to me like something that sa-learn is doing...perhaps you have some shell script that invokes sa-learn that needs it's output directed to /dev/null Craig
